CABARRUS COUNTY, N.C. (WBTV) - Officials say $1.7 million is missing after the Cabarrus County government was targeted in a social engineering scam.
Cabarrus County officials released details of the social engineering scam that diverted a $2.5 million vendor payment made by the county. Of that total, $1.7 million remains missing.
“The county was not hacked, it was not a cyber-security, this is a case of a spoof identity in which someone posed as a vendor, provided seemingly valid documentation and signed approvals," said County Manager Mike Downs.
It’s called social engineering and business email compromise.
“You’ll get an email from that looks like it’s from somebody like your boss, it could be from one of your suppliers, one of your manufacturers, somebody you’re commonly doing business with and they may ask you to wire money to this other location," said Brad Walser of Walser Technology Group in Salisbury. He advises companies and organizations on how to avoid getting stuck. “If you’re going to change wire transfer funds, or if get an email that looks a little bit off, you always can follow that up with a phone call, some sort of second form of verification.”
Officials say the county intended to send the money to Roanoke, Virginia-based Branch and Associates, Inc., which serves as general contractor for construction of West Cabarrus High, a new school for the Cabarrus County Schools District.
Construction on the new high school has not been impacted, and the scam remains under investigation by the Cabarrus County Sheriff’s Office and the Federal Bureau of Investigation.
The investigation revealed that scammers posed as representatives of Branch and Associates and targeted employees of county schools and government in a series of emails that began on Nov. 27, 2018.
“Legitimate requests to update bank account information are routine. In this case, the request to change Branch and Associates’ vendor banking information was made by conspirators. They provided County staff with new banking information, seemingly valid documentation and signed approvals. The conspirators then waited for the County to transfer the next vendor payment. After the funds were unknowingly deposited into the scammers’ account, they were diverted through multiple different accounts, the investigation revealed,” a press release stated.
Officials say the county received a courtesy notification of a missed payment from Branch and Associates on Jan. 8, 2019. County staff then reportedly confirmed that the electronic funds transfer (EFT) cleared in December.
Officials say the county notified SunTrust, the bank from which the funds were transferred, and followed their recommended procedures. Branch and Associates notified Bank of America, the bank to which funds were transferred, which froze $776,518 of the $2,504,601 that remained in traceable accounts.
Cabarrus County also consulted with its insurance vendors.
The $776,518 in recovered funds were paid to Branch and Associates on March 20, 2019. The remaining balance of $1.7 million was paid by the county to Branch and Associates on May 22, 2019.
The Cabarrus County Board of Commissioners restored funding for the construction project with the approved transfer of $1.6 million to the Capital Projects Fund on July 29, 2019.
The funds for the transfer came from a portion of the County’s Assigned Fund Balance set aside for extraordinary circumstances. The County is eligible to receive any future funds recovered though the investigation.
In recent years, the FBI has seen a steep increase in the amount and sophistication of socially engineered business email account compromise (EAC) scams. The FBI’s 2018 Internet Crime Report indicates the agency received 20,373 BEC/Email Account Compromise complaints with adjusted losses of over $1.2 billion last year.
No further information is available at this time due to the ongoing investigation.
Anyone with information can contact the Cabarrus County Sheriff’s Office at 704-920-3000 or firstname.lastname@example.org.